import { NextResponse } from 'next/server';
import { getServerSession } from 'next-auth/next';
import { authOptions } from '@/app/api/auth/[...nextauth]/route';
import { api } from '@/lib/apiService';

export async function POST(req) {
  const session = await getServerSession(authOptions);
  if (!session?.user?.email) {
    return Response.json({ error: '未登录' }, { status: 401 });
  }
  
  const { oldPassword, newPassword } = await req.json();
  if (!oldPassword || !newPassword) {
    return Response.json({ error: '参数不完整' }, { status: 400 });
  }
  
  try {
    // 调用Python后端的更新密码API
    const response = await api.post('user/update-password', {
      oldPassword,
      newPassword
    });
    
    return Response.json(response);
  } catch (error) {
    console.error('Error updating password:', error);
    return Response.json({ error: error.message }, { status: 500 });
  }
}